How to: Deprovision Objects After a Specified Time
You can use the Provision method to trigger deprovisioning on a single connector or multiple connectors in Forefront Identity Manager Synchronization Service (FIM Synchronization Service) to an MVEntry object after a specified time.
Note
This example works only if you run the management agent that contains the remaining connector space object in full-synchronization mode. This operation is very time-consuming in a large metadirectory.
The following examples show how to deprovision an object from the FIM Synchronization Service database (metaverse) after a specified time. You can use this example to schedule an activity for an object in the metaverse, such as implementing a Time To Live scenario. The example assumes that the metaverse object has two additional attributes: DateofTermination and TimeToLive. These attributes are set during import attribute flow on the metaverse object.
Public Sub Provision( _
ByVal mventry As MVEntry) _
Implements IMVSynchronization.Provision
' If the function returns true, the account is expired. Disconnect the
' <tla rid="fim_syncdb_short" /> object from the connector space.
If AccountTTLExpired(MVEntry("DateofTermination").Value, MVEntry("TimeToLive").Value) Then
MVEntry.ConnectedMAs.DeprovisionAll()
End If
' Continue with normal provisioning.
End Sub
Public Function AccountTTLExpired(ByVal TerminatedDate As String, _
ByVal TTL As String) As Boolean
' If the TerminatedDate and TimeToLive attributes contain values, then
' add the attributes and compare to the current date. If the current date
' is more than or equal to the TerminatesDate and ToLiveTime value,
' the function returns true.
Dim TTLExpired As Boolean = False
If TerminatedDate.Equals("") Or TTL.Equals("") Then Exit Function
Try
Dim StartTTLDate As Date = CDate(TerminatedDate)
Dim DaysToTTL As Double = CDbl(TTL)
Dim TimeToLiveDate As DateTime
TimeToLiveDate = StartTTLDate.AddDays(DaysToTTL)
If Now >= TimeToLiveDate Then
TTLExpired = True
End If
Catch
' Handle exceptions here.
End Try
AccountTTLExpired = TTLExpired
End Function
void IMVSynchronization.Provision (MVEntry mventry)
{
// If the function returns true, the account is expired. Disconnect the
// <tla rid="fim_syncdb_short" /> object from the connector space.
if (AccountTTLExpired (mventry["DateofTermination"].Value, mventry["TimeToLive"].Value))
{
mventry.ConnectedMAs.DeprovisionAll();
}
// Continue with normal provisioning.
}
//...
public bool AccountTTLExpired(string TerminatedDate, string TTL)
{
// If the TerminatedDate and TimeToLive attributes contain values, then
// add the attributes and compare to the current date. If the current date
// is more than or equal to the TerminatesDate and ToLiveTime value,
// the function returns true.
if (TerminatedDate.Equals(""))
{
return(false);
}
if(TTL.Equals(""))
{
return(false);
}
try
{
// Convert TerminatedDate to a DateTime object.
DateTime StartTTLDate;
StartTTLDate = Convert.ToDateTime(TerminatedDate);
// Convert the TTL string to a double.
double DaysToTTL = Convert.ToDouble(TTL); //TTL
DateTime TimeToLiveDate = new DateTime();
// Add DaysToTTL to StartTTLDate to get TimeToLiveDate.
TimeToLiveDate = StartTTLDate.AddDays(DaysToTTL);
if (DateTime.Now >= TimeToLiveDate)
{
return(true);
}
}
catch
{
// Handle exceptions here.
}
return false;
}